all InfoSec news
A Formal Model of Security Controls' Capabilities and Its Applications to Policy Refinement and Incident Management
May 7, 2024, 4:11 a.m. | Cataldo Basile, Gabriele Gatti, Francesco Settanni
cs.CR updates on arXiv.org arxiv.org
Abstract: Enforcing security requirements in networked information systems relies on security controls to mitigate the risks from increasingly dangerous threats. Configuring security controls is challenging; even nowadays, administrators must perform it without adequate tool support. Hence, this process is plagued by errors that translate to insecure postures, security incidents, and a lack of promptness in answering threats. This paper presents the Security Capability Model (SCM), a formal model that abstracts the features that security controls offer …
administrators applications arxiv capabilities configuring controls cs.cr incident information management policy process requirements risks security security controls security requirements support systems threats tool
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Security Compliance Strategist
@ Grab | Petaling Jaya, Malaysia
Cloud Security Architect, Lead
@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)